Please check my log


(Elo14) #1

I would be very grateful if someone could check this log. :lol: :lol:

Logfile of HijackThis v1.99.1

Scan saved at 19:24:30, on 2006-03-18

Platform: Windows 2003 (WinNT 5.02.3790)

MSIE: Internet Explorer v6.00 (6.00.3790.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\MKS\Bin\mksmonsv.exe

C:\WINDOWS\system32\Dfssvc.exe

C:\Program Files\MKS\Bin\mks_scan.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Network\ipnetwork.exe

C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe

C:\Program Files\MKS\Bin\mks_menu.exe

C:\Program Files\MKS\Bin\ABregmon.exe

C:\WINDOWS\system32\ndriver.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\owwrqo.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Opera\Opera.exe

C:\Documents and Settings\Administrator\Pulpit\Crac Tools\HijackThis.exe

R3 - URLSearchHook: (no name) - {450A3952-ACCD-F43C-92AD-F18AAFD0F390} - C:\WINDOWS\system32\sennx.dll

R3 - URLSearchHook: (no name) - {75270957-818F-B50A-BF99-C1A7E992DEA8} - C:\WINDOWS\system32\sennx.dll

R3 - URLSearchHook: (no name) - {400A3957-ACBC-803E-92A9-F18AD9A2F398} - C:\WINDOWS\system32\sennx.dll

O2 - BHO: (no name) - {400A3957-ACBC-803E-92A9-F18AD9A2F398} - C:\WINDOWS\system32\sennx.dll

O2 - BHO: (no name) - {450A3952-ACCD-F43C-92AD-F18AAFD0F390} - C:\WINDOWS\system32\sennx.dll

O2 - BHO: (no name) - {4C62155F-D4E7-AD3A-CC0D-DC98CD12F4C0} - C:\WINDOWS\system32\fhy.dll (file missing)

O2 - BHO: (no name) - {75270957-818F-B50A-BF99-C1A7E992DEA8} - C:\WINDOWS\system32\sennx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar

O4 - HKLM..\Run: [ipNetwork] C:\Program Files\Network\ipnetwork.exe

O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r

O4 - HKLM..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe

O4 - HKLM..\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [mstctd] C:\WINDOWS\system32\ndriver.exe

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM..\Run: [winsync] C:\WINDOWS\system32\owwrqo.exe reg_run

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000228.exe

O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O17 - HKLM\System\CCS\Services\Tcpip..{0F96E273-A1D2-4432-A4BC-1B4AB8D92F68}: NameServer = 85.37.17.10 85.38.28.86

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe

O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe

O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\MKS\Bin\mks_scan.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


(fiesta) #2

Please post logs in the appropriate section, wrap them in tags, and state the reason for posting the log :!:

Otherwise :arrow: Trash :!:


(Gblade) #3

Boot into Safe Mode, turn off System Restore, remove the entries below in HijackThis, and delete the bolded files/folders manually: